fbpx

Obrela joins Microsoft Intelligence Security Association (MISA)

21 September 2021

Managed Detection and Response Provider Obrela Nominated to MISA

London, UK – September 21, 2021 – Obrela Security Industries, a leading provider of security analytics and cyber risk management services to identify, analyse, predict and prevent highly sophisticated security threats, today announced it has joined the Microsoft Intelligent Security Association (MISA), an ecosystem of independent software vendors (ISV) and managed security service providers (MSSP) that have integrated their security products and services with Microsoft’s to better defend against cyber security threats.

Obrela was nominated to MISA for its managed security services for Microsoft Defender for Endpoint and Microsoft Azure Sentinel. In addition, Obrela brings to MISA its renowned managed detection and response (MDR) platform, Swordfish. Swordfish is a security platform that works across an organisation’s entire digital universe. Swordfish enables them to identify, analyse, evaluate, and remediate cyber security risks.

“We are delighted to join the prestigious MISA eco-system and be nominated by Microsoft as a security partner. Organisations worldwide are under increased threat from cyber-attacks, and our collaboration with Microsoft will enable us to help address these risks. Above all, organisations need to know they are protected 24/7 against all the attacks they face, regardless of their source. Our mission is to keep our customer’s business in business, and we are on the field as their first line of cyber defence,” said George Daglas, co-founder and Chief Operations Officer at Obrela Security Industries.

Obrela’s MDR platform offers complete visibility across an organisation’s environment, assessing risks based upon the business. Obrela collects and analyses structured and unstructured security data from every underlying element of a client’s digital footprint to achieve this level of visibility and protect the whole digital universe. This way, Obrela generates valuable intelligence for new, emerging and advanced security threats and giving clients the unique advantage of predictability, preparation and response.

“Customers need to be confident that their sensitive data, employees’ identities, applications, infrastructure, and endpoints are always secure. We’ve invested in the Microsoft Intelligent Security Association to provide customers with more options that meet their unique security requirements,” said Maria Thomson, Microsoft Intelligent Security Association Lead.

 


Media Enquiries:

 

Lucy Harvey

+44 7502 269 304

lucy[at]eskenzipr.com

 

John Alexiou

+30 693 2289329

j.alexiou[at]obrela.com

LATEST UPDATES

ProxyShell Bugs on Microsoft Exchange Servers

16 August 2021 - by Obrela SOC

As of August 12, 2021, Microsoft Exchange Servers seem to be under active attack. Threat actors take advantage of the ProxyShell exploit chain that allows remote unauthenticated attackers to execute arbitrary commands on vulnerable on-premises instances of Microsoft Exchange Servers.

The ProxyShell exploit chain consists of 3 vulnerabilities:

  • CVE-2021-34473 – Microsoft Exchange Server Remote Code Execution Vulnerability
  • CVE-2021-34523 – Microsoft Exchange Server Elevation of Privilege Vulnerability
  • CVE-2021-31207 – Microsoft Exchange Server Security Feature Bypass Vulnerability

The above 3 vulnerabilities are exploited remotely through Microsoft Exchange’s Client Access Service (CAS) running on port 443 in IIS. When chained together they allow attackers to bypass ACL controls, send a request to a PowerShell back-end, and elevate privileges.

According to Shodan it seems that there are at least 47,916 publicly exposed MS Exchange Servers that are still unpatched against at least one of the three bugs that can be chained together for this attack.

Mitigation

Block incoming, external traffic over port 443 to corporate Microsoft Exchange Servers if this does not break any functionality for the organization and until it is ensured that the above 3 vulnerabilities are fully patched.

Remediation

Microsoft has released cumulative updates that include the patches for the below Microsoft Exchange Server vulnerabilities:

CVE-2021-34473
CVE-2021-34523
CVE-2021-31207

 

LATEST UPDATES